mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-30 05:47:59 +00:00
Code Issues Releases Wiki Activity

add read access to @{PROC}/sys/vm/overcommit_memory as used by glibc. See

Browse Source 
http://sourceware.org/git/?p=glibc.git;a=commit;h=9fab36eb583c0e585e83a01253299afed9ea9a11

Acked-By: Jamie Strandboge <jamie@canonical.com>
Acked-by: John Johansen <john.johansen@canonical.com>
Acked-By: Seth Arnold <seth.arnold@canonical.com>
This commit is contained in:
Jamie Strandboge 2013-04-08 20:11:43 -05:00
parent 7e9c7c37be
commit 7679ac49b1
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
profiles/apparmor.d/abstractions/base
View File

@ -100,6 +100,9 @@
# glibc statvfs
@{PROC}/filesystems r,
# glibc malloc (man 5 proc)
@{PROC}/sys/vm/overcommit_memory r,
# Workaround https://launchpad.net/bugs/359338 until upstream handles stacked
# filesystems generally. This does not appreciably decrease security with
# Ubuntu profiles because the user is expected to have access to files owned